Reputation: 165
I am using OneLogin as the IdP and AWS Cognito as the SP. SP-initiated login is working fine. But when I click on App Portal/Home -> on my application, it redirects to Cognito with the error prompt "Invalid relayState from identity provider". I checked that the relay state parameter in the OneLogin configuration is correct, like https://***:81/login, which is our login page URL.
Upvotes: 15
Views: 10460
Reputation: 743
Not writing an answer but rather linking the official Cognito doc that talks about Setting up SAML Federation in AWS Cognito for IDP initiated Single Sign On (SSO).
Hope this helps you as much as it helped me.
Upvotes: 0
Reputation: 2296
Note that as of February 2024, Cognito does support the IDP initiated flow. If you are using IDP-initiated SAML, you need to update the format of your Relay State. Refer to my answer here for more details on how to enable this within Cognito: AWS Cognito: support of SSO IdP-initiated workflow
Upvotes: 1
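A pre-flight check for the Relay State format change mentioned in the answer above, as an added example that is not part of the original posts or of AWS's code. It assumes Cognito's IdP-initiated RelayState is a URL-encoded parameter string carrying `identity_provider` and `client_id` (optionally `redirect_uri`, `response_type`, `scope`), which this page does not spell out; the function name, the choice of required keys and all sample values are assumptions.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption of this example: these two keys are mandatory, the rest optional.
REQUIRED_KEYS = ("identity_provider", "client_id")
OPTIONAL_KEYS = ("redirect_uri", "response_type", "scope")

# Constructed sample values, not taken from the page.
SAMPLE_CALLBACKS = {"https://app.example.test/callback"}
SAMPLE_GOOD = (
    "identity_provider=ExampleIdP&client_id=exampleclientid"
    "&redirect_uri=https%3A%2F%2Fapp.example.test%2Fcallback"
    "&response_type=code&scope=openid+email"
)
SAMPLE_BARE_URL = "https://app.example.test:81/login"


def check_relay_state(relay_state, allowed_callbacks):
    """Return a list of problems; an empty list means the value looks well formed."""
    value = relay_state.strip()
    parts = urlsplit(value)
    if parts.scheme in ("http", "https") and parts.netloc:
        # The situation in the question: RelayState set to the app's login page URL.
        return ["RelayState is a bare URL, not key=value parameters"]

    problems = []
    params = parse_qs(value, keep_blank_values=True)
    for key in REQUIRED_KEYS:
        if not params.get(key, [""])[0]:
            problems.append(f"missing {key}")
    for key, values in params.items():
        if key not in REQUIRED_KEYS + OPTIONAL_KEYS:
            problems.append(f"unexpected key {key}")
        if len(values) > 1:
            problems.append(f"duplicate key {key}")

    redirect = params.get("redirect_uri", [None])[0]
    if redirect is not None and redirect not in allowed_callbacks:
        # Only accept callbacks that are registered for the app client.
        problems.append("redirect_uri is not a registered callback URL")
    return problems


if __name__ == "__main__":
    for sample in (SAMPLE_GOOD, SAMPLE_BARE_URL):
        print(sample[:40], "->", check_relay_state(sample, SAMPLE_CALLBACKS) or "ok")
```

Run it against the value configured in the IdP application before testing the portal tile; pass the callback URLs registered on the Cognito app client as `allowed_callbacks`.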
Reputation: 1632
Cognito only supports SP initiated flow.
So the flow must go Cognito Authorize endpoint -> IDP -> back to Cognito.
Upvotes: 14